What is a Standard?

The term “standard” can be answered in one of two ways, since there are two distinct meanings (one being correct and the other incorrect). Unfortunately, “standard” falls in the common word crimes scenario since it is often used improperly. Using proper definitions helps avoid confusing scenarios such as trying to describe a “football bat” which is not a thing.

Proper use of “standard” relates to formalized, measurable rules that provide granular requirements to implement policies. A standard ensure uniform compliance across systems and exceptions must be formally justified.

Improper use of “standard” relates to common cybersecurity frameworks (e.g., SCF, NIST CSF, ISO 27001, NIST 800-53, etc.). This use of the term is focused on a “security framework” which is a basic structure underlying a system, concept, or text.

Governance Risk & Compliance (GRC) Content

Secure Controls Framework (SCF)

NIST 800-171 & CMMC - Where Do I Start?

Editable Policies & Standards Templates

Editable Procedures Templates

Cybersecurity Supply Chain Risk Management

NIST 800-171 Compliance

Risk Management

Data Protection (Privacy) & Secure Engineering

Vulnerability & Patch Management

Incident Response

PCI DSS Compliance

NIST 800-171 & CMMC Compliance

Premium GRC Content (GRC Importable)

Cybersecurity Policies, Standards & Procedures

Cybersecurity Supply Chain Risk Management

Privacy & Data Protection (GDPR, CCPA & more)

Risk Management Bundles

Subscriptions

Common Compliance Requirements

Alignment With Secure Practices

Free Guides

Cost Savings

US Federal Data Security Laws & Regulations

US State Data Security Laws & Regulations

International Data Security Laws & Regulations

SCF Licensed Content Provider (LCP)

SCF Certifications

Individual Certifications

Controlled Unclassified Information (CUI)

Why Choose ComplianceForge?

Industries Served & Client References

Multiple Company Discount

Product Comparison: DSP vs CDPP

What is a Standard?

What is a Standard?